| Title | Surya2Developer Hostel Management System 1.0 Broken Access Control |
|---|
| Description | A broken access control on /admin/manage-students.php allows an unauthenticated attacker to delete registered users and views all the registered users along with their information. |
|---|
| Source | ⚠️ https://github.com/blackslim3/cve_sidequest/blob/main/poc/Broken_Access_Control%20on%20Hostel%20Management%20System%20using%20PHP%20and%20MySQL%201.0.md |
|---|
| User | blackslim3 (UID 64963) |
|---|
| Submission | 03/05/2024 10:55 (2 years ago) |
|---|
| Moderation | 03/15/2024 01:18 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 256890 [Surya2Developer Hostel Management System 1.0 manage-students.php del access control] |
|---|
| Points | 15 |
|---|